OpenLDAP question

Kim Holburn kim.holburn at
Tue Sep 24 11:08:38 EST 2002

At 3:01 PM -0400 2002/09/23, Michael Faber wrote:
>I've installed OpenLDAP (using Berkeley's DB), and selected the
>three schemas (core, cosine, and NIS) that are supposed to turn
>on the user authentication...

I think you might need inetorgperson.schema as well and if you want samba you need the samba.schema although it has to be compatible with the version of openldap you are using.  Samba 2.2.5 samba.schema uses openldap2.   If you want any security you have to make a cert and add that to slapd.conf and you want to check your ACLs.

>So, then what?  Start slapd, put LDAP in my nsswitch.conf, and
>off we go?  Did I miss something?  An RTFM, maybe?

You should at least be able to get some response from ldapsearch although gq is easier and worth installing.

You have to invent a base dn and a root dn and you have to add the people and group objects and groups and users.  If you have a lot of users you'll need scripts.  There are a whole bunch in a program called "MigrationTools", (I think from redhat) you might want to look at directory_administrator.
On the clients you need to set /etc/openldap/ldap.conf to point to the ldap(s) server(s). 

Kim Holburn 
Network Consultant - Telecommunications Engineering
Research School of Information Sciences and Engineering
Australian National University - Ph: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at  - PGP Public Key on request

Life is complex - It has real and imaginary parts.
     Andrea Leistra (rec.arts.sf.written.Robert-jordan)

More information about the linux mailing list